Superantispyware found unknown trojan

Do you have a question? Post it now! No Registration Necessary.  Now with pictures!

Threaded View
my superantisyware found trojan.unknown origin

the only programme iv recently installed is spyware terminator a few
days ago


can someone plz tell me where this has come from, just so i know, btw
it was found in the registry, here is the results

SUPERAntiSpyware Scan Log
Generated 08/16/2006 at 10:31 PM

Core Rules Database Version : 3055
Trace Rules Database Version: 1101

Memory threats detected   : 0
Registry threats detected : 43
File threats detected     : 0

Trojan.Unknown Origin
    HKCR\InetCtls.Inet
    HKCR\InetCtls.Inet\CLSID
    HKCR\InetCtls.Inet\CurVer
    HKCR\InetCtls.Inet.1
    HKCR\InetCtls.Inet.1\CLSID
    HKCR\CLSID\
    HKCR\CLSID\\Control
    HKCR\CLSID\\Implemented
Categories
    HKCR\CLSID\\Implemented
Categories\
    HKCR\CLSID\\Implemented
Categories\
    HKCR\CLSID\\Implemented
Categories\
    HKCR\CLSID\\Implemented
Categories\
    HKCR\CLSID\\Implemented
Categories\
    HKCR\CLSID\\InprocServer32
    HKCR\CLSID\\InprocServer32#ThreadingModel
    HKCR\CLSID\\MiscStatus
    HKCR\CLSID\\MiscStatus
    HKCR\CLSID\\ProgID
    HKCR\CLSID\\Programmable
    HKCR\CLSID\\ToolboxBitmap32
    HKCR\CLSID\\TypeLib
    HKCR\CLSID\\Version
    HKCR\CLSID\\VersionIndependentProgID
    HKCR\CLSID\
    HKCR\CLSID\\InprocServer32
    HKCR\CLSID\
    HKCR\CLSID\\InprocServer32
    HKCR\TypeLib\
    HKCR\TypeLib\.0
    HKCR\TypeLib\.0
    HKCR\TypeLib\.0\win32
    HKCR\TypeLib\.0\FLAGS
    HKCR\TypeLib\.0\HELPDIR
    HKCR\Interface\
    HKCR\Interface\\ProxyStubClsid
    HKCR\Interface\\ProxyStubClsid32
    HKCR\Interface\\TypeLib
    HKCR\Interface\\TypeLib#Version
    HKCR\Interface\
    HKCR\Interface\\ProxyStubClsid
    HKCR\Interface\\ProxyStubClsid32
    HKCR\Interface\\TypeLib
    HKCR\Interface\\TypeLib#Version


Re: Superantispyware found unknown trojan


| my superantisyware found trojan.unknown origin
|
| the only programme iv recently installed is spyware terminator a few
| days ago
|
| can someone plz tell me where this has come from, just so i know, btw
| it was found in the registry, here is the results
|
| SUPERAntiSpyware Scan Log
| Generated 08/16/2006 at 10:31 PM
|
| Core Rules Database Version : 3055
| Trace Rules Database Version: 1101
|
| Memory threats detected   : 0
| Registry threats detected : 43
| File threats detected     : 0
|
| Trojan.Unknown Origin
|  HKCR\InetCtls.Inet
|  HKCR\InetCtls.Inet\CLSID
|  HKCR\InetCtls.Inet\CurVer
|  HKCR\InetCtls.Inet.1
|  HKCR\InetCtls.Inet.1\CLSID
|  HKCR\CLSID\

< snip >

Troj/Angelfre-D -- http://www.sophos.com/virusinfo/analyses/trojangelfred.html
SpywareStormer --
http://www.symantec.com/security_response/writeup.jsp?docid=2006-012014-1039-99&tabid=2
Spyware.PCPolice --
http://www.symantec.com/security_response/writeup.jsp?docid=2005-062014-5447-99&tabid=2

http://searchg.symantec.com/search?q=InetCtls.Inet&context=ent&src=sea&output=xml_no_dtd&ie=UTF-8&oe=UTF-8&client=symc_en_US&proxystylesheet=symc_en_US&site=symc_en_US


--
Dave
http://www.claymania.com/removal-trojan-adware.html
http://www.ik-cs.com/got-a-virus.htm



Re: Superantispyware found unknown trojan


vix wrote:
Quoted text here. Click to load it
    HKCR\CLSID\\InprocServer32#ThreadingModel
Quoted text here. Click to load it

Vix - that may have been a false positive, did you update your
defintions prior to scanning? Make sure you have Core : 3055 and Trace
: 1102 and re-scan.

Nick Skrepetos
SUPERAntiSpyware.com
http://www.superantispyware.com


Re: Superantispyware found unknown trojan

Nick Skrepetos wrote:

Quoted text here. Click to load it

Nick, not many developers, I believe, would even admit to the
possibility of an FP. Your candor is refreshing.

Re: Superantispyware found unknown trojan


optikl wrote:
Quoted text here. Click to load it

Thank you for the compliment. False Positives are a reality in our
business, so I don't feel there is a need to hide that fact - the real
issue is how fast they are dealt with - in our case we have real-time
false positive reporting built into the product, so it was reported and
removed within one hour of initial release.

Nick Skrepetos
SUPERAntiSpyware.com
http://www.superantispyware.com


Site Timeline